Changeset View
Changeset View
Standalone View
Standalone View
head/multimedia/mythtv/files/patch-CVE-2017-14055
Property | Old Value | New Value |
---|---|---|
fbsd:nokeywords | null | yes \ No newline at end of property |
svn:eol-style | null | native \ No newline at end of property |
svn:mime-type | null | text/plain \ No newline at end of property |
From d4fc6b211f19365fbae4b4388ec396b293fda249 Mon Sep 17 00:00:00 2001 | |||||
From: Michael Niedermayer <michael@niedermayer.cc> | |||||
Date: Fri, 25 Aug 2017 01:15:30 +0200 | |||||
Subject: [PATCH] avformat/mvdec: Fix DoS due to lack of eof check | |||||
Fixes: loop.mv | |||||
Found-by: Xiaohei and Wangchu from Alibaba Security Team | |||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | |||||
(cherry picked from commit 4f05e2e2dc1a89f38cd9f0960a6561083d714f1e) | |||||
Signed-off-by: Michael Niedermayer <michael@niedermayer.cc> | |||||
--- | |||||
libavformat/mvdec.c | 2 ++ | |||||
1 file changed, 2 insertions(+) | |||||
diff --git libavformat/mvdec.c libavformat/mvdec.c | |||||
index 80ef4b1569a..e9e9fab5036 100644 | |||||
--- external/FFmpeg/libavformat/mvdec.c | |||||
+++ external/FFmpeg/libavformat/mvdec.c | |||||
@@ -338,6 +338,8 @@ static int mv_read_header(AVFormatContext *avctx) | |||||
uint32_t pos = avio_rb32(pb); | |||||
uint32_t asize = avio_rb32(pb); | |||||
uint32_t vsize = avio_rb32(pb); | |||||
+ if (avio_feof(pb)) | |||||
+ return AVERROR_INVALIDDATA; | |||||
avio_skip(pb, 8); | |||||
av_add_index_entry(ast, pos, timestamp, asize, 0, AVINDEX_KEYFRAME); | |||||
av_add_index_entry(vst, pos + asize, i, vsize, 0, AVINDEX_KEYFRAME); |